April 15, 2015 at 12:33 pm
For example, I have two databases A and B
I granted permission to a test user in Database A.
A Test user created a temp table in Database A
A test user inserted data into a temp table in Database A
I removed the permission for a test user in Database A
and I granted permission to a test user in Database B
But if a test user session is still open in Database A, he/she still be able to use a temp table created in Database A and export data to somewhere else.
How can I prevent a test user to insert data from a temp table created in Database A to a table in Database B if the session is still active even though the user permission was removed from database A? This can be any databases. So I am trying to find more dynamic security approach. what would the best security approach ?
Thank you
April 15, 2015 at 1:19 pm
What do you mean with "temp table"? The normal understanding of the term is a table of which the first character is a hash mark, e.g. #temp. These tables are always created in tempdb. Any user with access to the server can create a temp table, and fill it up with data. Even if they don't have access to any user database.
[font="Times New Roman"]Erland Sommarskog, SQL Server MVP, www.sommarskog.se[/font]
April 15, 2015 at 2:43 pm
Why don't you disconnect their session when you change a users access to sensitive data, that should remove any temp tables they've created.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply